DigiNotar EV-enabled and new Verisign Roots
By Yngve Nysæter Pettersen. Friday, 15. May 2009, 13:11:52
DigiNotar, a Dutch CA added last year, has now been EV-enabled. Test sites can be found here and here.
We have also added new SHA-256 roots for Verisign and its Thawte and Geotrust subsidiaries. These certificates are very new, so there are currently no testcases available.
As part of the migration away from the less secure MD5 and MD2 methods Verisign have also updated their Generation 1 Class 1 and Class 2 Root Certificates to be signed using SHA-1 instead of MD2. These certificates are only used for client certificates, not web sites, and will not usually be installed.
Verisign also updated their G1 Class 3 Root, which is used to sign web site certificates, but we have not included this certificate yet due to problems we discovered while testing it. As Verisign's "RSA Secure Server Certification Authority" Root Certificate is expiring in just a few months (early January), we have decided to not replace it.
We have also added new SHA-256 roots for Verisign and its Thawte and Geotrust subsidiaries. These certificates are very new, so there are currently no testcases available.
As part of the migration away from the less secure MD5 and MD2 methods Verisign have also updated their Generation 1 Class 1 and Class 2 Root Certificates to be signed using SHA-1 instead of MD2. These certificates are only used for client certificates, not web sites, and will not usually be installed.
Verisign also updated their G1 Class 3 Root, which is used to sign web site certificates, but we have not included this certificate yet due to problems we discovered while testing it. As Verisign's "RSA Secure Server Certification Authority" Root Certificate is expiring in just a few months (early January), we have decided to not replace it.
WIDGETIZE
Chas4 # 16. May 2009, 05:31
https://www.evssl.nl/
&
https://www.polisdirect.nl/home
space missing between Testsites
keep up the hard work
On
http://hautesecure.com/truste_landing.html
I am guessing Opera has a replacement in in already
yngve # 16. May 2009, 12:29